AMCHAM PHILIPPINES OSAC MEETING 17 MAY 2018 Resilience Everyday - PowerPoint PPT Presentation

AMCHAM PHILIPPINES OSAC MEETING 17 MAY 2018 Resilience Everyday PSA Philippines Consultancy Inc 1

RESILIENCE & BUSINESS CONTINUITY (1970'S TO 2000'S) • First, there was contingency planning and disaster recovery planning • Then, came business continuity planning • Paralleling this is: development of incident, emergency and crisis management • And disaster risk reduction (Sendai Framework 2015-2030) • Scenarios included all forms both: ― Natural disasters (e.g. earthquakes and typhoons) versus man- made disasters (e.g. major accidents, terrorism and war) ― Technical disruption (e.g. IT failures) versus human disruption (e.g. pandemics)

RESILIENCE Resilience is developed from an attitude; it is NOT a process Resilience is your business Resilience is shaped by organisational culture; it must be lived day-by-day Resilience requires committed leadership from top to bottom; and planning from bottom-to-top Resilience must be inculcated into every process Resilience is a characteristic, a quality, an outcome

Change and Strengthening Resiliency Most of you know Pacific Strategies & Assessments (PSA). It was founded in November 1999 by Scott Harrison. Since then, the business has grown rapidly becoming the premier business risk consultancy, having our home, in Asia. This month after some stellar growth in our International Due Diligence practice we have decided to split the company into two entities. This is a decision to strengthen and make our business more resilient. Pacific Strategies and Assessments which will remain as the provider of our International Due Diligence, very much a BPO operation. PSA Philippines Consultancy Inc will house the 1. Market Entry and Intelligence, 2. Security and Crisis Management, and 3. Corruption and Fraud Prevention Services. 4

Testing Your Resilience  Resilience to what? – Typhoons, Earthquakes, Political upheaval, Pandemics, you name them.  What we see as daily tests of resilience Corruption and the judicial system Organized crime Cyber crime Assaults on your reputation

Challenges to a Company”s Resilience 6 6

Corruption and Organized crime A much greater problem than many will recognize or accept Tolerated in some companies but invariably it becomes too big to ignore Can involve suppliers, vendors, politicians and staff When challenged brings huge existential risks 7

Organized Crime The scope of the problem: • The distributor • The marketing team • The finance team • The procurement team • Floor staff • The security team • The transport group The presence of internal and external players Political leadership and protection Medical Instrument Manufacturer 8

The Situation • A Manufacturing company has been in business in the Philippines for four decades • Our investigation began with a whistleblower email implicating two employees engaged in procurement fraud. • The investigation was later expanded to other illegal activities the company was previously unaware of.

PHASES OF INVESTIGATION Computer forensics analysis was expanded 1 to 17 hard drives based on the information contained in the first HDD 2  Results of other components of the investigation – audits, interviews with key individuals, and pretext approaches 3  Raids and external inquiries with vendors, local parties and politicians

AREAS OF INVESTIGATION Thefts Illegal Vendor Commissions Overcharges Illegal commission Production Overcharges from from whistleblower materials the company’s email manpower service provider Specific illegal commission Overcharges from Theft of Products amounting to the company’s P600,000 ($14,300) supplier of chemicals and Illegal commission materials from the company’s security provider

The Outcomes as a Result of the Crimes  A comprehensive audit conducted by external auditors finds massive cover ups and major losses in excess of 100 million of dollars.  31 employees dismissed  The company closes one of its plants and retrenches 350 employees

The Outcomes as a Result of the Crimes  A buyer proven to being paid illegal commissions amounting to P2,600,000 pesos. The Senior Purchasing Director engaged in an illicit affair, which is being used by the buyer and others as leverage. (keep your mouth shut)  The proven involvement of the Purchasing Manager and a warehousemen in the continuous theft of production material  Raids led by NBI, instigated by the company on two identified vendors shown to be conspiring with staff members and implicated in the theft of products recover 10,500 pieces of finished products with a retail value of 100 million pesos

The Outcomes as a Result of the Crimes  A buyer shown to be living beyond his means: • 3 franchise businesses registered in 1 year • Has three registered vehicles under his name in 1 year  Lending businesses of two buyers with amounts not commensurate with their salaries  A finance team member making regular fund transfers to a manager of a vendor company  Non-accredited vendors being awarded bidding contracts by the Purchasing Department  The Security Manager’s trip to Singapore with a sales staff member from a vendor company

Scenario #1 • You run an US based BPO that had in the Philippines 1200 seats providing transcription services using your own IP protected software. • Over a three year period a number of your key clients have shifted their accounts to another BPO operating out of one of the new wave cities. You have lost $150 mil in revenue and have had to retrench 625 staff. • You are told the new company is owned and managed by ex company executives • This new company has recruited key individuals and is recruiting from your retrenched staff What is going on? How do you identify the causes? Who are these new players? How do you stop it? 15

Cybercrimes • Data Breaches • Hacking • Social engineering • Phishing • Malware • Capture of Data • Identity Theft – Patient Records • Business Email Compromise • Ransom ware • Possession • Extortion • Transaction Fraud • Transmission of child pornography • Harassment using e-mails and cyber-stalking • Computer vandalism • Unauthorized Control The posting and distribution of obscene material is one of the most prevalent and may be related to extortion or reputation attack a conduit for placing malware 16 16

DBIR STATISTICS 2017 CYBER ATTACKS 17

Scenario #2 18

Ransomware 19 19

Ransomware in the Philippines Ransomware are software which will lock a user out of the computer and ask for money to regain access. Hackers who employ ransomware often ask for payments in cryptocurrency - bitcoin. In 2017 in one attack at least 28 companies here were infected by a worm, dubbed WannaCry, that locked up some 200,000 companies in more than 150 countries. In the wake of a massive global ransomware attack, the Bangko Sentral instructed banks and other financial institutions not to pay or communicate with cyber criminals The risk has lowered in 2018 but still remains a major threat to a companies ability to operate 20

Ransomware Global cybersecurity insurance company Beazley looked at and reported on more than 2,600 data incidents in 2017, spanning several industries The report found that 24 percent of all ransomware attacks studied in 2017 were in the financial sector and 15% in healthcare Heritage Valley Health Systems, a health care network that runs two hospitals in Western Pennsylvania, confirmed that it was a victim of a ransomware attack that had spread around the globe as was shut down for several months as all their data was locked and inaccessible – No back up “Even after they pay the Bitcoin ransom, recovery can take weeks or months. The biggest threat is business interruption. A lot of smaller hospitals, certainly rural critical access care hospitals don’t operate at margins that allow them to deal with a lot of downtime. These incidents can literally put them out of business,” Martinez told 21

Prevention - Ransomware Back up Back up Back up Education Access controls Least Privilege Whitelisting Create Strong Passwords Lock Your Computer Protect Your Computer Own Your Online Presence Report Suspicious Activity 22

WHAT IS REQUIRED IN ORDER TO BUILD RESILIENCE IN AN ORGANIZATION : • resilience capability is strongest in an organization that anticipates and understands emerging threats • understands the threat impact; • develop and maintain partnerships with critical stakeholders in their supply chain, sector and community; • responds and recovers from disruptions as a unified organization team; • adapts to disruptions and reacts flexibly to incidents; • ensures staff are willing and able to support the organization in times of adversity (and is prepared and reciprocal in supporting them and their needs); • articulates clear organizational objectives and intent; • establishes a strong sense of purpose in response to and recovery from a disruption; • leads with clear direction; and • enables devolved problem solving.

Summary • Resilience is your business • The threat to your future is with you every day • It is not a passing fad • It doesn’t require and act of god 24

Graeme Campbell Executive Director PSA Philippines Consultancy Inc Telephone: 0920-958-6538